Cybersecurity is a key policy and practice focus, and new governance principles aim to support directors, writes Louise Petschler GAICD. The AICD is also looking ahead to new governance resources and promoting awareness of new director ID requirements.
Cyber Security Governance Principles
Equipping directors and boards to respond to the increasing threat of cybercrime is a priority for the AICD. New Cyber Security Governance Principles were launched on 20 October by the Minister for Cyber Security Clare O’Neil, as part of our ongoing focus on this challenge.
The cyber governance principles are an Australian first, the result of a partnership between the AICD’s Governance & Policy Leadership area and the Cyber Security Cooperative Research Centre (CSCRC).
Developed in consultation with senior Australian directors, cyber industry experts and government, the principles provide a practical framework for board oversight across five key cyber governance areas:
- Roles and responsibilities of management and the board
- Cyber strategy development and evolution
- Incorporating cyber into risk management governance
- Building a cyber-resilient culture
- Preparing for and responding to significant cyber incidents.
Real-life case studies contributed by experienced directors help bring the principles to life, and key questions for directors and “governance red flags” accompany each principle.
For SME and NFP directors, there are specific checklists with targeted, practical steps to enhance cybersecurity resilience and strengthen cyber governance.
The AICD itself, like all organisations, is not immune to cyber risks and scam attempts. Our virtual member event in October was impacted by technical issues and suspected phishing links in comments. As a result, we made the decision to cancel the live session. Our expert panel on the principles was recorded. Members can view the discussion with Telstra chair John Mullen AO, ASX and Stockland director Melinda Conrad FAICD, CSCRC CEO Rachael Falk and the AICD’s head of policy Christian Gergis GAICD at the link above.
The Director Sentiment Index tells us that cybersecurity is the number-one issue “keeping directors awake at night”. The level of interest in our Cyber Security Governance Principles demonstrates this — in the first two weeks of their release, there were over 10,000 downloads. We welcome your feedback or questions on the principles, via email at firstname.lastname@example.org.
The government is also focused on building national cyber resilience, with Minister O’Neil committing to a revamp of the nation’s cyber strategy over coming months. Reviews of the Privacy Act 1988 (Cth), data collection obligations and cyber breach penalties are also in play. The AICD will be engaging closely with this evolving regulatory landscape and considering the implications for boards and directors.
AICD's regulatory reform priorities
The AICD advocates for fair, fit-for-purpose and modern regulations that support diligent directors in governing for growth. Our FY23 reform priorities include:
- Coordinated cyber policies that reflect the complex risk environment
- Appropriate policy settings that support high-quality market disclosures
- NFP regulation that promotes accountability and financial sustainability
- ESG reporting standards that are appropriately targeted and lift current practice
Custodianship and Country
Last month, members at the Melbourne and Sydney Essential Director Update (part of the AICD’s largest annual event series) heard from AICD First Nations Sector Lead Justin Agale MAICD, introducing the Welcome to Country that was extended to the AICD and its members. Since the AICD’s first Reconciliation Action Plan launched in 2017, we have committed to respectful and consistent Welcome to Country and Acknowledgement of Country protocols across all our events.
Acknowledging Country connects us to 60,000 years of First Nations governance and creates an awareness of the impact of our decisions, the stewardship role of boards, and the long-term perspective required of directors, as Agale highlighted.
On ESG issues, there are reflections and insights that can inform and support governance outcomes.
In 2023, the AICD will be releasing resources for members and boards exploring these themes, with the aim of contributing to a uniquely Australian concept of governance, informed by First Nations insights, concepts of stewardship and Country, and a commitment to a two-way learning process.
Progress on board diversity
Australia continues to be a world leader in terms of gender diversity on the boards of our nation’s largest listed companies. Earlier this year, the proportion of women on ASX 200 boards hit 35 per cent, a significant lift from 2010, when this figure stood at eight per cent. This change has been driven by boards — especially chairs — embracing the case for diversity at the board table, as well as investor and stakeholder focus.
A 2021 University of Queensland study reviewed the drivers for Australia’s strong performance on lifting board gender diversity. The report — Towards Board Gender Parity — recognised the important role that the AICD’s Chair’s Mentoring Program has played in driving the change.
The end of 2022 signals the close of the seventh round of the AICD Chair’s Mentoring Program. This year’s 46 mentees represent a cohort of leaders from across states and sectors. Each mentee benefits from the generous commitment of the AICD’s experienced mentor network of leading ASX directors.
Practice resources — supporting good governance
Examples of the AICD’s contemporary governance practice resources for members:
Effective Board Minutes
- AICD’s joint statement with the Governance Institute draws on lessons from the Financial Services Commission
NFP Governance Principles